Issues in timber.php (master) - Issues in master - jarednova/timber - Measure and Improve Code Quality continuously with Scrutinizer

Issues (311)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

lib/timber.php (1 issue)

Labels

Severity

Minor 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

/**
 * Timber Class.
 *
 * Main class called Timber for this plugin.
 *
 * Usage:
 *  $posts = Timber::get_posts();
 *  $posts = Timber::get_posts('post_type = article')
 *  $posts = Timber::get_posts(array('post_type' => 'article', 'category_name' => 'sports')); // uses wp_query format.
 *  $posts = Timber::get_posts(array(23,24,35,67), 'InkwellArticle');
 *
 *  $context = Timber::get_context(); // returns wp favorites!
 *  $context['posts'] = $posts;
 *  Timber::render('index.twig', $context);
 */
class Timber {

	public static $locations;
	public static $dirname;
	public static $twig_cache = false;
	public static $cache = false;
	public static $auto_meta = true;
	public static $autoescape = false;

	/**
	 * @codeCoverageIgnore
	 */
	public function __construct() {
		if ( !defined('ABSPATH') ) {
			return;
		}
		$this->test_compatibility();
		$this->init_constants();
		$this->init();
	}

	/**
	 * Tests whether we can use Timber
	 * @codeCoverageIgnore
	 * @return
	 */
	protected function test_compatibility() {
		if ( is_admin() || $_SERVER['PHP_SELF'] == '/wp-login.php' ) {
			return;
		}
		if ( version_compare( phpversion(), '5.3.0', '<' ) && !is_admin() ) {
			trigger_error( 'Timber requires PHP 5.3.0 or greater. You have '.phpversion(), E_USER_ERROR );
		}
		if ( !class_exists( 'Twig_Autoloader' ) ) {
			trigger_error( 'You have not run "composer install" to download required dependencies for Timber, you can read more on https://github.com/jarednova/timber#installation', E_USER_ERROR );
		}
	}

	function init_constants() {
		defined( "TIMBER_LOC" ) or define( "TIMBER_LOC", realpath( dirname(__DIR__) ) );
	}

	/**
	 * @codeCoverageIgnore
	 */
	protected function init() {
		TimberTwig::init();
		TimberRoutes::init( $this );
		TimberImageHelper::init();
		TimberAdmin::init();
		TimberIntegrations::init();
	}

	/* Post Retrieval Routine
	================================ */

	/**
	 * Get post.
	 *
	 * @param mixed   $query
	 * @param string  $PostClass
	 * @return array|bool|null
	 */
	public static function get_post( $query = false, $PostClass = 'TimberPost' ) {
		return TimberPostGetter::get_post( $query, $PostClass );
	}

	/**
	 * Get posts.
	 *
	 * @param mixed   $query
	 * @param string  $PostClass
	 * @return array|bool|null
	 */
	public static function get_posts( $query = false, $PostClass = 'TimberPost', $return_collection = false ) {
		return TimberPostGetter::get_posts( $query, $PostClass, $return_collection );
	}

	/**
	 * Query post.
	 *
	 * @param mixed   $query
	 * @param string  $PostClass
	 * @return array|bool|null
	 */
	public static function query_post( $query = false, $PostClass = 'TimberPost' ) {
		return TimberPostGetter::query_post( $query, $PostClass );
	}

	/**
	 * Query posts.
	 *
	 * @param mixed   $query
	 * @param string  $PostClass
	 * @return array|bool|null
	 */
	public static function query_posts( $query = false, $PostClass = 'TimberPost' ) {
		return TimberPostGetter::query_posts( $query, $PostClass );
	}

	/**
	 * WP_Query has posts.
	 *
	 * @return bool
	 * @deprecated since 0.20.0
	 */
	static function wp_query_has_posts() {
		return TimberPostGetter::wp_query_has_posts();
	}

	/* Term Retrieval
	================================ */

	/**
	 * Get terms.
	 *
	 * @param string|array $args
	 * @param array   $maybe_args
	 * @param string  $TermClass
	 * @return mixed
	 */
	public static function get_terms( $args = null, $maybe_args = array(), $TermClass = 'TimberTerm' ) {
		return TimberTermGetter::get_terms( $args, $maybe_args, $TermClass );
	}

	/* Site Retrieval
	================================ */

	/**
	 * Get sites.
	 *
	 * @param array|bool $blog_ids
	 * @return array
	 */
	public static function get_sites( $blog_ids = false ) {
		if ( !is_array( $blog_ids ) ) {
			global $wpdb;
			$blog_ids = $wpdb->get_col( "SELECT blog_id FROM $wpdb->blogs ORDER BY blog_id ASC" );
		}
		$return = array();
		foreach ( $blog_ids as $blog_id ) {
			$return[] = new TimberSite( $blog_id );
		}
		return $return;
	}


	/*  Template Setup and Display
	================================ */

	/**
	 * Get context.
	 *
	 * @return array
	 */
	public static function get_context() {
		$data = array();
		$data['http_host'] = 'http://' . TimberURLHelper::get_host();
		$data['wp_title'] = TimberHelper::get_wp_title();
		$data['wp_head'] = TimberHelper::function_wrapper( 'wp_head' );
		$data['wp_footer'] = TimberHelper::function_wrapper( 'wp_footer' );
		$data['body_class'] = implode( ' ', get_body_class() );

		$data['site'] = new TimberSite();
		$data['request'] = new TimberRequest();
		$data['theme'] = $data['site']->theme;

		$data['posts'] = Timber::query_posts();

		$data = apply_filters( 'timber_context', $data );
		$data = apply_filters( 'timber/context', $data );
		return $data;
	}

	/**
	 * Compile function.
	 *
	 * @param array   $filenames
	 * @param array   $data
	 * @param bool    $expires
	 * @param string  $cache_mode
	 * @param bool    $via_render
	 * @return bool|string
	 */
	public static function compile( $filenames, $data = array(), $expires = false, $cache_mode = TimberLoader::CACHE_USE_DEFAULT, $via_render = false ) {
		$caller = self::get_calling_script_dir();
		$caller_file = self::get_calling_script_file();
		$caller_file = apply_filters( 'timber_calling_php_file', $caller_file );
		$loader = new TimberLoader( $caller );
		$file = $loader->choose_template( $filenames );
		$output = '';
		if ( is_null( $data ) ) {
			$data = array();
		}
		if ( strlen( $file ) ) {
			if ( $via_render ) {
				$file = apply_filters( 'timber_render_file', $file );
				$data = apply_filters( 'timber_render_data', $data );
			} else {
				$file = apply_filters( 'timber_compile_file', $file );
				$data = apply_filters( 'timber_compile_data', $data );
			}
			$output = $loader->render( $file, $data, $expires, $cache_mode );
		}
		do_action( 'timber_compile_done' );
		return $output;
	}

	/**
	 * Compile string.
	 *
	 * @param string  $string a string with twig variables.
	 * @param array   $data   an array with data in it.
	 * @return  bool|string
	 */
	public static function compile_string( $string, $data = array() ) {
		$dummy_loader = new TimberLoader();
		$dummy_loader->get_twig();
		$loader = new Twig_Loader_String();
		$twig = new Twig_Environment( $loader );
		$twig = apply_filters( 'timber/twig/filters', $twig );
		$twig = apply_filters( 'twig_apply_filters', $twig );
		return $twig->render( $string, $data );
	}

	/**
	 * Fetch function.
	 *
	 * @param array   $filenames
	 * @param array   $data
	 * @param bool    $expires
	 * @param string  $cache_mode
	 * @return bool|string
	 */
	public static function fetch( $filenames, $data = array(), $expires = false, $cache_mode = TimberLoader::CACHE_USE_DEFAULT ) {
		if ( $expires === true ) {
			//if this is reading as true; the user probably is using the old $echo param
			//so we should move all vars up by a spot
			$expires = $cache_mode;
			$cache_mode = TimberLoader::CACHE_USE_DEFAULT;
		}
		$output = self::compile( $filenames, $data, $expires, $cache_mode, true );
/**
 * @return array|string
 */
function returnsDifferentValues($x) {
    if ($x) {
        return 'foo';
    }

    return array();
}

$x = returnsDifferentValues($y);
if (is_array($x)) {
    // $x is an array.
}
		$output = apply_filters( 'timber_compile_result', $output );
		return $output;
	}

	/**
	 * Render function.
	 *
	 * @param array   $filenames
	 * @param array   $data
	 * @param bool    $expires
	 * @param string  $cache_mode
	 * @return bool|string
	 */
	public static function render( $filenames, $data = array(), $expires = false, $cache_mode = TimberLoader::CACHE_USE_DEFAULT ) {
		$output = static::fetch( $filenames, $data, $expires, $cache_mode );
		echo $output;
		return $output;
	}

	/**
	 * Render string.
	 *
	 * @param string  $string a string with twig variables.
	 * @param array   $data   an array with data in it.
	 * @return  bool|string
	 */
	public static function render_string( $string, $data = array() ) {
		$compiled = self::compile_string( $string, $data );
		echo $compiled;
		return $compiled;
	}


	/*  Sidebar
	================================ */

	/**
	 * Get sidebar.
	 *
	 * @param string  $sidebar
	 * @param array   $data
	 * @return bool|string
	 */
	public static function get_sidebar( $sidebar = '', $data = array() ) {
		if ( $sidebar == '' ) {
			$sidebar = 'sidebar.php';
		}
		if ( strstr( strtolower( $sidebar ), '.php' ) ) {
			return self::get_sidebar_from_php( $sidebar, $data );
		}
		return self::compile( $sidebar, $data );
	}

	/**
	 * Get sidebar from PHP
	 *
	 * @param string  $sidebar
	 * @param array   $data
	 * @return string
	 */
	public static function get_sidebar_from_php( $sidebar = '', $data ) {
		$caller = self::get_calling_script_dir();
		$loader = new TimberLoader();
		$uris = $loader->get_locations( $caller );
		ob_start();
		$found = false;
		foreach ( $uris as $uri ) {
			if ( file_exists( trailingslashit( $uri ) . $sidebar ) ) {
				include trailingslashit( $uri ) . $sidebar;
				$found = true;
				break;
			}
		}
		if ( !$found ) {
			TimberHelper::error_log( 'error loading your sidebar, check to make sure the file exists' );
		}
		$ret = ob_get_contents();
		ob_end_clean();
		return $ret;
	}

	/* Widgets
	================================ */

	/**
	 * Get widgets.
	 *
	 * @param int     $widget_id
	 * @return TimberFunctionWrapper
	 */
	public static function get_widgets( $widget_id ) {
		return trim( TimberHelper::function_wrapper( 'dynamic_sidebar', array( $widget_id ), true ) );
	}


	/*  Routes
	================================ */

	/**
	 * Add route.
	 *
	 * @param string  $route
	 * @param callable $callback
	 * @param array   $args
	 * @deprecated since 0.20.0
	 */
	public static function add_route( $route, $callback, $args = array() ) {
		Routes::map( $route, $callback, $args );
	}

	/**
	 * Load template.
	 *
	 * @deprecated since 0.20.0
	 */
	public static function load_template( $template, $query = false, $status_code = 200, $tparams = false ) {
		return Routes::load( $template, $tparams, $query, $status_code );
	}

	/**
	 * Load view.
	 *
	 * @deprecated since 0.20.2
	 */
	public static function load_view( $template, $query = false, $status_code = 200, $tparams = false ) {
		return Routes::load( $template, $tparams, $query, $status_code );
	}


	/*  Pagination
	================================ */

	/**
	 * Get pagination.
	 *
	 * @param array   $prefs
	 * @return array mixed
	 */
	public static function get_pagination( $prefs = array() ) {
		global $wp_query;
		global $paged;
		global $wp_rewrite;
		$args = array();
		$args['total'] = ceil( $wp_query->found_posts / $wp_query->query_vars['posts_per_page'] );
		if ( $wp_rewrite->using_permalinks() ) {
			$url = explode( '?', get_pagenum_link( 0 ) );
			if ( isset( $url[1] ) ) {
				parse_str( $url[1], $query );
				$args['add_args'] = $query;
			}
			$args['format'] = 'page/%#%';
			$args['base'] = trailingslashit( $url[0] ).'%_%';
		} else {
			$big = 999999999;
			$args['base'] = str_replace( $big, '%#%', esc_url( get_pagenum_link( $big ) ) );
		}
		$args['type'] = 'array';
		$args['current'] = max( 1, get_query_var( 'paged' ) );
		$args['mid_size'] = max( 9 - $args['current'], 3 );
		if ( is_int( $prefs ) ) {
			$args['mid_size'] = $prefs - 2;
		} else {
			$args = array_merge( $args, $prefs );
		}
		$data = array();
		$data['current'] = $args['current'];
		$data['total'] = $args['total'];
		$data['pages'] = TimberHelper::paginate_links( $args );
		$next = get_next_posts_page_link( $args['total'] );
		if ( $next ) {
			$data['next'] = array( 'link' => untrailingslashit( $next ), 'class' => 'page-numbers next' );
		}
		$prev = previous_posts( false );
		if ( $prev ) {
			$data['prev'] = array( 'link' => untrailingslashit( $prev ), 'class' => 'page-numbers prev' );
		}
		if ( $paged < 2 ) {
			$data['prev'] = '';
		}
		if ( $data['total'] === ( double ) 0 ) {
			$data['next'] = '';
		}
		return $data;
	}

	/*  Utility
	================================ */

	/**
	 * Get calling script dir.
	 *
	 * @return string
	 */
	public static function get_calling_script_dir( $offset = 0 ) {
		$caller = self::get_calling_script_file( $offset );
		if ( !is_null( $caller ) ) {
			$pathinfo = pathinfo( $caller );
			$dir = $pathinfo['dirname'];
			return $dir;
		}
	}

	/**
	 * Get calling script file.
	 *
	 * @param int     $offset
	 * @return string|null
	 * @deprecated since 0.20.0
	 */
	public static function get_calling_script_file( $offset = 0 ) {
		$caller = null;
		$backtrace = debug_backtrace();
		$i = 0;
		foreach ( $backtrace as $trace ) {
			if ( array_key_exists('file', $trace) && $trace['file'] != __FILE__ ) {
				$caller = $trace['file'];
				break;
			}
			$i++;
		}
		if ( $offset ) {
			$caller = $backtrace[$i + $offset]['file'];
		}
		return $caller;
	}


}

$timber = new Timber();
Timber::$dirname = 'views';

1			<?php
2
3			/**
4			* Timber Class.
5			*
6			* Main class called Timber for this plugin.
7			*
8			* Usage:
9			* $posts = Timber::get_posts();
10			* $posts = Timber::get_posts('post_type = article')
11			* $posts = Timber::get_posts(array('post_type' => 'article', 'category_name' => 'sports')); // uses wp_query format.
12			* $posts = Timber::get_posts(array(23,24,35,67), 'InkwellArticle');
13			*
14			* $context = Timber::get_context(); // returns wp favorites!
15			* $context['posts'] = $posts;
16			* Timber::render('index.twig', $context);
17			*/
18			class Timber {
19
20			public static $locations;
21			public static $dirname;
22			public static $twig_cache = false;
23			public static $cache = false;
24			public static $auto_meta = true;
25			public static $autoescape = false;
26
27			/**
28			* @codeCoverageIgnore
29			*/
30			public function __construct() {
31			if ( !defined('ABSPATH') ) {
32			return;
33			}
34			$this->test_compatibility();
35			$this->init_constants();
36			$this->init();
37			}
38
39			/**
40			* Tests whether we can use Timber
41			* @codeCoverageIgnore
42			* @return
43			*/
44			protected function test_compatibility() {
45			if ( is_admin() \|\| $_SERVER['PHP_SELF'] == '/wp-login.php' ) {
46			return;
47			}
48			if ( version_compare( phpversion(), '5.3.0', '<' ) && !is_admin() ) {
49			trigger_error( 'Timber requires PHP 5.3.0 or greater. You have '.phpversion(), E_USER_ERROR );
50			}
51			if ( !class_exists( 'Twig_Autoloader' ) ) {
52			trigger_error( 'You have not run "composer install" to download required dependencies for Timber, you can read more on https://github.com/jarednova/timber#installation', E_USER_ERROR );
53			}
54			}
55
56			function init_constants() {
57			defined( "TIMBER_LOC" ) or define( "TIMBER_LOC", realpath( dirname(__DIR__) ) );
58			}
59
60			/**
61			* @codeCoverageIgnore
62			*/
63			protected function init() {
64			TimberTwig::init();
65			TimberRoutes::init( $this );
66			TimberImageHelper::init();
67			TimberAdmin::init();
68			TimberIntegrations::init();
69			}
70
71			/* Post Retrieval Routine
72			================================ */
73
74			/**
75			* Get post.
76			*
77			* @param mixed $query
78			* @param string $PostClass
79			* @return array\|bool\|null
80			*/
81			public static function get_post( $query = false, $PostClass = 'TimberPost' ) {
82			return TimberPostGetter::get_post( $query, $PostClass );
83			}
84
85			/**
86			* Get posts.
87			*
88			* @param mixed $query
89			* @param string $PostClass
90			* @return array\|bool\|null
91			*/
92			public static function get_posts( $query = false, $PostClass = 'TimberPost', $return_collection = false ) {
93			return TimberPostGetter::get_posts( $query, $PostClass, $return_collection );
94			}
95
96			/**
97			* Query post.
98			*
99			* @param mixed $query
100			* @param string $PostClass
101			* @return array\|bool\|null
102			*/
103			public static function query_post( $query = false, $PostClass = 'TimberPost' ) {
104			return TimberPostGetter::query_post( $query, $PostClass );
105			}
106
107			/**
108			* Query posts.
109			*
110			* @param mixed $query
111			* @param string $PostClass
112			* @return array\|bool\|null
113			*/
114			public static function query_posts( $query = false, $PostClass = 'TimberPost' ) {
115			return TimberPostGetter::query_posts( $query, $PostClass );
116			}
117
118			/**
119			* WP_Query has posts.
120			*
121			* @return bool
122			* @deprecated since 0.20.0
123			*/
124			static function wp_query_has_posts() {
125			return TimberPostGetter::wp_query_has_posts();
126			}
127
128			/* Term Retrieval
129			================================ */
130
131			/**
132			* Get terms.
133			*
134			* @param string\|array $args
135			* @param array $maybe_args
136			* @param string $TermClass
137			* @return mixed
138			*/
139			public static function get_terms( $args = null, $maybe_args = array(), $TermClass = 'TimberTerm' ) {
140			return TimberTermGetter::get_terms( $args, $maybe_args, $TermClass );
141			}
142
143			/* Site Retrieval
144			================================ */
145
146			/**
147			* Get sites.
148			*
149			* @param array\|bool $blog_ids
150			* @return array
151			*/
152			public static function get_sites( $blog_ids = false ) {
153			if ( !is_array( $blog_ids ) ) {
154			global $wpdb;
155			$blog_ids = $wpdb->get_col( "SELECT blog_id FROM $wpdb->blogs ORDER BY blog_id ASC" );
156			}
157			$return = array();
158			foreach ( $blog_ids as $blog_id ) {
159			$return[] = new TimberSite( $blog_id );
160			}
161			return $return;
162			}
163
164
165			/* Template Setup and Display
166			================================ */
167
168			/**
169			* Get context.
170			*
171			* @return array
172			*/
173			public static function get_context() {
174			$data = array();
175			$data['http_host'] = 'http://' . TimberURLHelper::get_host();
176			$data['wp_title'] = TimberHelper::get_wp_title();
177			$data['wp_head'] = TimberHelper::function_wrapper( 'wp_head' );
178			$data['wp_footer'] = TimberHelper::function_wrapper( 'wp_footer' );
179			$data['body_class'] = implode( ' ', get_body_class() );
180
181			$data['site'] = new TimberSite();
182			$data['request'] = new TimberRequest();
183			$data['theme'] = $data['site']->theme;
184
185			$data['posts'] = Timber::query_posts();
186
187			$data = apply_filters( 'timber_context', $data );
188			$data = apply_filters( 'timber/context', $data );
189			return $data;
190			}
191
192			/**
193			* Compile function.
194			*
195			* @param array $filenames
196			* @param array $data
197			* @param bool $expires
198			* @param string $cache_mode
199			* @param bool $via_render
200			* @return bool\|string
201			*/
202			public static function compile( $filenames, $data = array(), $expires = false, $cache_mode = TimberLoader::CACHE_USE_DEFAULT, $via_render = false ) {
203			$caller = self::get_calling_script_dir();
204			$caller_file = self::get_calling_script_file();
205			$caller_file = apply_filters( 'timber_calling_php_file', $caller_file );
206			$loader = new TimberLoader( $caller );
207			$file = $loader->choose_template( $filenames );
208			$output = '';
209			if ( is_null( $data ) ) {
210			$data = array();
211			}
212			if ( strlen( $file ) ) {
213			if ( $via_render ) {
214			$file = apply_filters( 'timber_render_file', $file );
215			$data = apply_filters( 'timber_render_data', $data );
216			} else {
217			$file = apply_filters( 'timber_compile_file', $file );
218			$data = apply_filters( 'timber_compile_data', $data );
219			}
220			$output = $loader->render( $file, $data, $expires, $cache_mode );
221			}
222			do_action( 'timber_compile_done' );
223			return $output;
224			}
225
226			/**
227			* Compile string.
228			*
229			* @param string $string a string with twig variables.
230			* @param array $data an array with data in it.
231			* @return bool\|string
232			*/
233			public static function compile_string( $string, $data = array() ) {
234			$dummy_loader = new TimberLoader();
235			$dummy_loader->get_twig();
236			$loader = new Twig_Loader_String();
237			$twig = new Twig_Environment( $loader );
238			$twig = apply_filters( 'timber/twig/filters', $twig );
239			$twig = apply_filters( 'twig_apply_filters', $twig );
240			return $twig->render( $string, $data );
241			}
242
243			/**
244			* Fetch function.
245			*
246			* @param array $filenames
247			* @param array $data
248			* @param bool $expires
249			* @param string $cache_mode
250			* @return bool\|string
251			*/
252			public static function fetch( $filenames, $data = array(), $expires = false, $cache_mode = TimberLoader::CACHE_USE_DEFAULT ) {
253			if ( $expires === true ) {
254			//if this is reading as true; the user probably is using the old $echo param
255			//so we should move all vars up by a spot
256			$expires = $cache_mode;
257			$cache_mode = TimberLoader::CACHE_USE_DEFAULT;
258			}
259			$output = self::compile( $filenames, $data, $expires, $cache_mode, true );
			0 ignored issues – show Bug introduced 2016-02-04 14:16 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like `$expires` defined by `$cache_mode` on line `256` can also be of type `string`; however, `Timber::compile()` does only seem to accept `boolean`, maybe add an additional type check? If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /** * @return array\|string */ function returnsDifferentValues($x) { if ($x) { return 'foo'; } return array(); } $x = returnsDifferentValues($y); if (is_array($x)) { // $x is an array. } If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue. Loading history...
260			$output = apply_filters( 'timber_compile_result', $output );
261			return $output;
262			}
263
264			/**
265			* Render function.
266			*
267			* @param array $filenames
268			* @param array $data
269			* @param bool $expires
270			* @param string $cache_mode
271			* @return bool\|string
272			*/
273			public static function render( $filenames, $data = array(), $expires = false, $cache_mode = TimberLoader::CACHE_USE_DEFAULT ) {
274			$output = static::fetch( $filenames, $data, $expires, $cache_mode );
275			echo $output;
276			return $output;
277			}
278
279			/**
280			* Render string.
281			*
282			* @param string $string a string with twig variables.
283			* @param array $data an array with data in it.
284			* @return bool\|string
285			*/
286			public static function render_string( $string, $data = array() ) {
287			$compiled = self::compile_string( $string, $data );
288			echo $compiled;
289			return $compiled;
290			}
291
292
293			/* Sidebar
294			================================ */
295
296			/**
297			* Get sidebar.
298			*
299			* @param string $sidebar
300			* @param array $data
301			* @return bool\|string
302			*/
303			public static function get_sidebar( $sidebar = '', $data = array() ) {
304			if ( $sidebar == '' ) {
305			$sidebar = 'sidebar.php';
306			}
307			if ( strstr( strtolower( $sidebar ), '.php' ) ) {
308			return self::get_sidebar_from_php( $sidebar, $data );
309			}
310			return self::compile( $sidebar, $data );
311			}
312
313			/**
314			* Get sidebar from PHP
315			*
316			* @param string $sidebar
317			* @param array $data
318			* @return string
319			*/
320			public static function get_sidebar_from_php( $sidebar = '', $data ) {
321			$caller = self::get_calling_script_dir();
322			$loader = new TimberLoader();
323			$uris = $loader->get_locations( $caller );
324			ob_start();
325			$found = false;
326			foreach ( $uris as $uri ) {
327			if ( file_exists( trailingslashit( $uri ) . $sidebar ) ) {
328			include trailingslashit( $uri ) . $sidebar;
329			$found = true;
330			break;
331			}
332			}
333			if ( !$found ) {
334			TimberHelper::error_log( 'error loading your sidebar, check to make sure the file exists' );
335			}
336			$ret = ob_get_contents();
337			ob_end_clean();
338			return $ret;
339			}
340
341			/* Widgets
342			================================ */
343
344			/**
345			* Get widgets.
346			*
347			* @param int $widget_id
348			* @return TimberFunctionWrapper
349			*/
350			public static function get_widgets( $widget_id ) {
351			return trim( TimberHelper::function_wrapper( 'dynamic_sidebar', array( $widget_id ), true ) );
352			}
353
354
355			/* Routes
356			================================ */
357
358			/**
359			* Add route.
360			*
361			* @param string $route
362			* @param callable $callback
363			* @param array $args
364			* @deprecated since 0.20.0
365			*/
366			public static function add_route( $route, $callback, $args = array() ) {
367			Routes::map( $route, $callback, $args );
368			}
369
370			/**
371			* Load template.
372			*
373			* @deprecated since 0.20.0
374			*/
375			public static function load_template( $template, $query = false, $status_code = 200, $tparams = false ) {
376			return Routes::load( $template, $tparams, $query, $status_code );
377			}
378
379			/**
380			* Load view.
381			*
382			* @deprecated since 0.20.2
383			*/
384			public static function load_view( $template, $query = false, $status_code = 200, $tparams = false ) {
385			return Routes::load( $template, $tparams, $query, $status_code );
386			}
387
388
389			/* Pagination
390			================================ */
391
392			/**
393			* Get pagination.
394			*
395			* @param array $prefs
396			* @return array mixed
397			*/
398			public static function get_pagination( $prefs = array() ) {
399			global $wp_query;
400			global $paged;
401			global $wp_rewrite;
402			$args = array();
403			$args['total'] = ceil( $wp_query->found_posts / $wp_query->query_vars['posts_per_page'] );
404			if ( $wp_rewrite->using_permalinks() ) {
405			$url = explode( '?', get_pagenum_link( 0 ) );
406			if ( isset( $url[1] ) ) {
407			parse_str( $url[1], $query );
408			$args['add_args'] = $query;
409			}
410			$args['format'] = 'page/%#%';
411			$args['base'] = trailingslashit( $url[0] ).'%_%';
412			} else {
413			$big = 999999999;
414			$args['base'] = str_replace( $big, '%#%', esc_url( get_pagenum_link( $big ) ) );
415			}
416			$args['type'] = 'array';
417			$args['current'] = max( 1, get_query_var( 'paged' ) );
418			$args['mid_size'] = max( 9 - $args['current'], 3 );
419			if ( is_int( $prefs ) ) {
420			$args['mid_size'] = $prefs - 2;
421			} else {
422			$args = array_merge( $args, $prefs );
423			}
424			$data = array();
425			$data['current'] = $args['current'];
426			$data['total'] = $args['total'];
427			$data['pages'] = TimberHelper::paginate_links( $args );
428			$next = get_next_posts_page_link( $args['total'] );
429			if ( $next ) {
430			$data['next'] = array( 'link' => untrailingslashit( $next ), 'class' => 'page-numbers next' );
431			}
432			$prev = previous_posts( false );
433			if ( $prev ) {
434			$data['prev'] = array( 'link' => untrailingslashit( $prev ), 'class' => 'page-numbers prev' );
435			}
436			if ( $paged < 2 ) {
437			$data['prev'] = '';
438			}
439			if ( $data['total'] === ( double ) 0 ) {
440			$data['next'] = '';
441			}
442			return $data;
443			}
444
445			/* Utility
446			================================ */
447
448			/**
449			* Get calling script dir.
450			*
451			* @return string
452			*/
453			public static function get_calling_script_dir( $offset = 0 ) {
454			$caller = self::get_calling_script_file( $offset );
455			if ( !is_null( $caller ) ) {
456			$pathinfo = pathinfo( $caller );
457			$dir = $pathinfo['dirname'];
458			return $dir;
459			}
460			}
461
462			/**
463			* Get calling script file.
464			*
465			* @param int $offset
466			* @return string\|null
467			* @deprecated since 0.20.0
468			*/
469			public static function get_calling_script_file( $offset = 0 ) {
470			$caller = null;
471			$backtrace = debug_backtrace();
472			$i = 0;
473			foreach ( $backtrace as $trace ) {
474			if ( array_key_exists('file', $trace) && $trace['file'] != __FILE__ ) {
475			$caller = $trace['file'];
476			break;
477			}
478			$i++;
479			}
480			if ( $offset ) {
481			$caller = $backtrace[$i + $offset]['file'];
482			}
483			return $caller;
484			}
485
486
487			}
488
489			$timber = new Timber();
490			Timber::$dirname = 'views';

jarednova / timber

Issues (311)

Security Analysis not enabled

lib/timber.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like